./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2095517668 <...> Warning: Permanently added '10.128.1.53' (ECDSA) to the list of known hosts. execve("./syz-executor2095517668", ["./syz-executor2095517668"], 0x7ffff7669650 /* 10 vars */) = 0 brk(NULL) = 0x555556acc000 brk(0x555556accc40) = 0x555556accc40 arch_prctl(ARCH_SET_FS, 0x555556acc300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor2095517668", 4096) = 28 brk(0x555556aedc40) = 0x555556aedc40 brk(0x555556aee000) = 0x555556aee000 mprotect(0x7f221ff83000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 memfd_create("syzkaller", 0) = 3 mmap(NULL, 138412032, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f2217ac8000 write(3, "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"..., 1048576) = 1048576 munmap(0x7f2217ac8000, 1048576) = 0 openat(AT_FDCWD, "/dev/loop0", O_RDWR) = 4 ioctl(4, LOOP_SET_FD, 3) = 0 close(3) = 0 mkdir("./file0", 0777) = 0 [ 20.312819][ T30] audit: type=1400 audit(1669458440.729:62): avc: denied { execmem } for pid=408 comm="syz-executor209" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1 [ 20.325260][ T408] loop0: detected capacity change from 0 to 2048 mount("/dev/loop0", "./file0", "ext4", MS_DIRSYNC|MS_NOATIME|MS_LAZYTIME, ",errors=continue") = 0 openat(AT_FDCWD, "./file0", O_RDONLY|O_DIRECTORY) = 3 chdir("./file0") = 0 ioctl(4, LOOP_CLR_FD) = 0 [ 20.333898][ T30] audit: type=1400 audit(1669458440.739:63): avc: denied { read write } for pid=408 comm="syz-executor209" name="loop0" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 20.365269][ T30] audit: type=1400 audit(1669458440.739:64): avc: denied { open } for pid=408 comm="syz-executor209" path="/dev/loop0" dev="devtmpfs" ino=111 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 20.375972][ T408] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. close(4) = 0 open("./bus", O_RDWR|O_CREAT|O_NOCTTY|O_SYNC|O_NOATIME|FASYNC, 000) = 4 open("./bus", O_RDONLY) = 5 open("./bus", O_RDWR|O_CREAT|O_NONBLOCK|O_SYNC|O_DIRECT|O_LARGEFILE|O_NOATIME, 000) = 6 openat(AT_FDCWD, "/proc/self/exe", O_RDONLY) = 7 sendfile(6, 7, NULL, 2147484416) = 786432 ftruncate(4, 6) = 0 [ 20.390351][ T30] audit: type=1400 audit(1669458440.739:65): avc: denied { ioctl } for pid=408 comm="syz-executor209" path="/dev/loop0" dev="devtmpfs" ino=111 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 20.425140][ T408] ------------[ cut here ]------------ [ 20.431139][ T30] audit: type=1400 audit(1669458440.769:66): avc: denied { mounton } for pid=408 comm="syz-executor209" path="/root/file0" dev="sda1" ino=1138 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1 [ 20.436546][ T408] kernel BUG at fs/ext4/inode.c:2731! [ 20.462036][ T30] audit: type=1400 audit(1669458440.829:67): avc: denied { mount } for pid=408 comm="syz-executor209" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 20.467770][ T408] invalid opcode: 0000 [#1] PREEMPT SMP KASAN [ 20.491981][ T30] audit: type=1400 audit(1669458440.839:68): avc: denied { write } for pid=408 comm="syz-executor209" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 20.497975][ T408] CPU: 0 PID: 408 Comm: syz-executor209 Not tainted 5.15.74-syzkaller-00001-g4ec71a9ec769 #0 [ 20.497993][ T408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 [ 20.498001][ T408] RIP: 0010:ext4_writepages+0x3b91/0x3bb0 [ 20.520914][ T30] audit: type=1400 audit(1669458440.839:69): avc: denied { add_name } for pid=408 comm="syz-executor209" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 20.531297][ T408] Code: c6 31 ff e8 41 95 81 ff 84 db 75 2c e8 28 92 81 ff 48 bb 00 00 00 00 00 fc ff df 4c 8b 7c 24 48 e9 d3 c9 ff ff e8 0f 92 81 ff <0f> 0b e8 08 92 81 ff e8 1f 82 10 ff eb a0 e8 fc 91 81 ff e8 13 82 [ 20.531310][ T408] RSP: 0018:ffffc900002fec60 EFLAGS: 00010293 [ 20.531325][ T408] RAX: ffffffff81efff81 RBX: 0000008000000000 RCX: ffff8881069893c0 [ 20.541409][ T30] audit: type=1400 audit(1669458440.839:70): avc: denied { create } for pid=408 comm="syz-executor209" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 20.546920][ T408] RDX: 0000000000000000 RSI: 0000008000000000 RDI: 0000000000000000 [ 20.546933][ T408] RBP: ffffc900002ff050 R08: ffffffff81efcb8f R09: ffffed10212e90c6 [ 20.546943][ T408] R10: ffffed10212e90c6 R11: 1ffff110212e90c5 R12: ffffc900002ff280 [ 20.546955][ T408] R13: 0000000000000001 R14: 0000008410000000 R15: ffffc900002fef20 [ 20.571098][ T30] audit: type=1400 audit(1669458440.839:71): avc: denied { read write open } for pid=408 comm="syz-executor209" path="/root/file0/bus" dev="loop0" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 20.591144][ T408] FS: 0000555556acc300(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 20.591167][ T408] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 20.591178][ T408] CR2: 00000000004571f0 CR3: 000000011e2a3000 CR4: 00000000003506b0 [ 20.710366][ T408] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 20.718818][ T408] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 20.727260][ T408] Call Trace: [ 20.730511][ T408] [ 20.733278][ T408] ? errseq_check+0x40/0x70 [ 20.737620][ T408] ? mark_buffer_dirty+0x1ed/0x310 [ 20.742662][ T408] ? __ext4_handle_dirty_metadata+0x2f0/0x820 [ 20.749544][ T408] ? __kasan_check_write+0x14/0x20 [ 20.754502][ T408] ? ext4_readpage+0x220/0x220 [ 20.759378][ T408] ? domain_dirty_limits+0x2aa/0x3c0 [ 20.764755][ T408] ? __kasan_check_read+0x11/0x20 [ 20.769983][ T408] ? balance_dirty_pages+0x238d/0x2660 [ 20.775364][ T408] ? __kasan_check_write+0x14/0x20 [ 20.780596][ T408] ? ext4_readpage+0x220/0x220 [ 20.785367][ T408] do_writepages+0x442/0x6c0 [ 20.789907][ T408] ? __writepage+0x130/0x130 [ 20.794394][ T408] ? __kasan_check_write+0x14/0x20 [ 20.799428][ T408] ? _raw_spin_unlock+0x4d/0x70 [ 20.804202][ T408] filemap_fdatawrite_wbc+0x245/0x2a0 [ 20.809497][ T408] file_write_and_wait_range+0x1e5/0x2e0 [ 20.815050][ T408] ? __filemap_set_wb_err+0x100/0x100 [ 20.820451][ T408] ext4_sync_file+0x19e/0xa00 [ 20.825396][ T408] vfs_fsync_range+0x17b/0x190 [ 20.829997][ T408] ext4_buffered_write_iter+0x584/0x630 [ 20.835765][ T408] ext4_file_write_iter+0x456/0x1dc0 [ 20.841081][ T408] ? stack_trace_save+0x12d/0x1f0 [ 20.846015][ T408] ? current_time+0x310/0x310 [ 20.850536][ T408] ? stack_trace_snprint+0x100/0x100 [ 20.855650][ T408] ? __stack_depot_save+0x34/0x4b0 [ 20.860600][ T408] ? iter_file_splice_write+0x25a/0xfd0 [ 20.866245][ T408] ? ext4_file_read_iter+0x4b0/0x4b0 [ 20.871616][ T408] ? __kasan_kmalloc+0x9/0x10 [ 20.876305][ T408] ? __kmalloc+0x203/0x350 [ 20.880652][ T408] ? iter_file_splice_write+0x25a/0xfd0 [ 20.886109][ T408] ? direct_splice_actor+0xfe/0x130 [ 20.891409][ T408] ? splice_direct_to_actor+0x4d4/0xbd0 [ 20.896785][ T408] ? do_splice_direct+0x2a0/0x3f0 [ 20.901645][ T408] ? do_sendfile+0x63b/0xfd0 [ 20.906072][ T408] ? __x64_sys_sendfile64+0x1ce/0x230 [ 20.911279][ T408] ? do_syscall_64+0x44/0xd0 [ 20.915709][ T408] do_iter_readv_writev+0x52a/0x720 [ 20.920748][ T408] ? generic_file_rw_checks+0x260/0x260 [ 20.926391][ T408] ? security_file_permission+0xf3/0x5f0 [ 20.931937][ T408] do_iter_write+0x1f4/0x760 [ 20.936363][ T408] ? __kasan_check_read+0x11/0x20 [ 20.941222][ T408] ? splice_from_pipe_next+0x600/0x650 [ 20.946518][ T408] vfs_iter_write+0x7c/0xa0 [ 20.950856][ T408] iter_file_splice_write+0x810/0xfd0 [ 20.956162][ T408] ? splice_from_pipe+0x220/0x220 [ 20.961026][ T408] ? generic_file_splice_read+0x51f/0x760 [ 20.966590][ T408] ? splice_shrink_spd+0xb0/0xb0 [ 20.971443][ T408] ? selinux_file_permission+0x2ae/0x520 [ 20.976911][ T408] ? splice_from_pipe+0x220/0x220 [ 20.982020][ T408] direct_splice_actor+0xfe/0x130 [ 20.986858][ T408] splice_direct_to_actor+0x4d4/0xbd0 [ 20.992065][ T408] ? do_splice_direct+0x3f0/0x3f0 [ 20.996923][ T408] ? pipe_to_sendpage+0x340/0x340 [ 21.001792][ T408] ? rw_verify_area+0xa7/0x1c0 [ 21.006387][ T408] do_splice_direct+0x2a0/0x3f0 [ 21.011072][ T408] ? splice_direct_to_actor+0xbd0/0xbd0 [ 21.016454][ T408] do_sendfile+0x63b/0xfd0 [ 21.020708][ T408] ? do_pwritev+0x6a0/0x6a0 [ 21.025046][ T408] ? ptrace_notify+0x248/0x340 [ 21.029645][ T408] ? do_notify_parent+0xa60/0xa60 [ 21.034506][ T408] ? fpregs_restore_userregs+0x1f0/0x3a0 [ 21.039973][ T408] __x64_sys_sendfile64+0x1ce/0x230 [ 21.045008][ T408] ? __ia32_sys_sendfile+0x250/0x250 [ 21.050268][ T408] ? syscall_enter_from_user_mode+0x71/0x1b0 [ 21.056075][ T408] do_syscall_64+0x44/0xd0 [ 21.060330][ T408] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 21.066166][ T408] RIP: 0033:0x7f221ff148d9 [ 21.070419][ T408] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 [ 21.089861][ T408] RSP: 002b:00007ffca44ee4b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 21.098101][ T408] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f221ff148d9 [ 21.105910][ T408] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004 [ 21.113904][ T408] RBP: 00007f221fed4170 R08: 0000000000000000 R09: 0000000000000000 [ 21.122339][ T408] R10: 0001000000201005 R11: 0000000000000246 R12: 00007f221fed4200 [ 21.130790][ T408] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 21.139099][ T408] [ 21.142026][ T408] Modules linked in: [ 21.145902][ T408] ---[ end trace a6f07612416fbd85 ]--- [ 21.151161][ T408] RIP: 0010:ext4_writepages+0x3b91/0x3bb0 [ 21.156757][ T408] Code: c6 31 ff e8 41 95 81 ff 84 db 75 2c e8 28 92 81 ff 48 bb 00 00 00 00 00 fc ff df 4c 8b 7c 24 48 e9 d3 c9 ff ff e8 0f 92 81 ff <0f> 0b e8 08 92 81 ff e8 1f 82 10 ff eb a0 e8 fc 91 81 ff e8 13 82 [ 21.176208][ T408] RSP: 0018:ffffc900002fec60 EFLAGS: 00010293 [ 21.182060][ T408] RAX: ffffffff81efff81 RBX: 0000008000000000 RCX: ffff8881069893c0 [ 21.190125][ T408] RDX: 0000000000000000 RSI: 0000008000000000 RDI: 0000000000000000 [ 21.197835][ T408] RBP: ffffc900002ff050 R08: ffffffff81efcb8f R09: ffffed10212e90c6 [ 21.205668][ T408] R10: ffffed10212e90c6 R11: 1ffff110212e90c5 R12: ffffc900002ff280 [ 21.213429][ T408] R13: 0000000000000001 R14: 0000008410000000 R15: ffffc900002fef20 [ 21.221269][ T408] FS: 0000555556acc300(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 21.230040][ T408] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 21.236485][ T408] CR2: 00000000004571f0 CR3: 000000011e2a3000 CR4: 00000000003506b0 [ 21.244257][ T408] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 21.252048][ T408] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 21.259891][ T408] Kernel panic - not syncing: Fatal exception [ 21.265921][ T408] Kernel Offset: disabled [ 21.270041][ T408] Rebooting in 86400 seconds..